Windows – How to change DNS name on domain controller

active-directory, domain-controller, windows, windows-server-2012

I am in the process of trying to clean up after a domain rename gone bad. The rename was from xxx.com to hq.xxx.com

My current problem is that I cannot log in to the DC (the only DC on the network). The error is "The security database on the server does not have a computer account for this workstation trust relationship." The good news is that all other computers on the network allow logins fine.

I have a VM on the same physical machine with Windows 2012 as a member server that I installed Remote Management on. I can run Active Users & Computers; when I look under Domain Controllers I see the DC, but the "DNS Name:" is set to server.xxx.com instead of server.hq.xxx.com. There appears to be no way to either:

a) Change the DNS Name:, or
b) Manually add another server with the right name.

Hence my question: how can I change the DNS Name on a Windows 2012 domain controller?

Additionally, am I barking up the wrong tree? Is there something else I should look at?

I guess someone got their shorts in a bunch because I did not specify all of the things that I have researched and tried.

I spent a number of hours manually changing the DNS, removing LDAP and Kerberos entries linking the DC to the old (xxx.com) domain. After restarting the servers, when I couldn't get logged in to the DC, I searched for other examples of that problem, but I couldn't find any relevant examples. I then searched for, found and installed the remote management tools for 2012 domains on the VM containing a member server. That is when I found that the DNS Name defined above was incorrect. I searched for this issue, to no avail. I specifically looked at all of the items in ServerFault that might be related, and found nothing useful.

Best Answer

Domain Controllers retain their original FQDN after a rename. There is a specific procedure that you must follow to correct this after a domain rename; it's outlined in this TechNet article: http://technet.microsoft.com/en-us/library/cc794925(v=ws.10).aspx

You can use this procedure to rename domain controllers after a domain rename operation. The Domain Name System (DNS) host names of the domain controllers in the renamed domains do not change automatically as a result of the domain rename operation. In other words, the DNS suffix in the fully qualified DNS host name of a domain controller in the renamed domain continues to reflect the old domain name. You can change the DNS host name of domain controllers in a renamed domain at a later time by using a special procedure.

Modification of the computer name causes updates to the DNS and Active Directory databases. The computer performs these updates automatically. After the updated data propagates to the DNS servers and Active Directory domain controllers that a client computer uses, the client computer can locate and authenticate to the renamed domain controller computer. However, DNS and Active Directory replication latency (the time that it takes for the name change to replicate throughout the databases) might cause a temporary inability of clients to locate or authenticate the renamed domain controller. Therefore, renaming a mission-critical server, such as a domain controller, requires that you follow a computer rename preparation procedure before you rename the domain controller. This preparation procedure ensures that there will be no interruption in the ability of client computers to locate or authenticate the renamed domain controller. For more information about how to rename a domain controller, see Renaming a Domain Controller.
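
The preparation-then-rename sequence described above, sketched with `netdom computername` as an added example (not code from the answer or quoted from the TechNet article). It assumes an elevated session on the domain controller itself, a Domain Admin account, and the ActiveDirectory PowerShell module; the host names are the placeholders from the question, and the three-phase layout is this example's own.

```powershell
param(
    [ValidateSet('Prepare', 'Switch', 'Cleanup')]
    [string]$Phase   = 'Prepare',
    [string]$OldFqdn = 'server.xxx.com',      # placeholder name from the question
    [string]$NewFqdn = 'server.hq.xxx.com'    # placeholder name from the question
)
Import-Module ActiveDirectory

# Checks that clients can already find and authenticate to the new name:
# the HOST SPN must be on the DC's computer account and the A record must resolve.
function Test-NewNameReady {
    $dc = Get-ADComputer -Identity $env:COMPUTERNAME -Properties servicePrincipalName
    [pscustomobject]@{
        Spn = $dc.servicePrincipalName -contains "HOST/$NewFqdn"
        Dns = [bool](Resolve-DnsName -Name $NewFqdn -Type A -ErrorAction SilentlyContinue)
    }
}

switch ($Phase) {
    'Prepare' {
        # Register the new FQDN as an additional name; the old name stays primary.
        netdom computername $OldFqdn /add:$NewFqdn
        Test-NewNameReady   # re-run until both are True (allow for replication latency)
    }
    'Switch' {
        $ready = Test-NewNameReady
        if (-not ($ready.Spn -and $ready.Dns)) {
            throw "New name not yet registered (SPN=$($ready.Spn), DNS=$($ready.Dns)); do not switch."
        }
        # Promote the new FQDN to primary; it takes effect after the restart.
        netdom computername $OldFqdn /makeprimary:$NewFqdn
        Write-Warning 'Restart the domain controller, then run the Cleanup phase.'
    }
    'Cleanup' {
        # After the reboot: drop the old FQDN so stale SPNs and DNS records go away.
        netdom computername $NewFqdn /remove:$OldFqdn
        Get-ADComputer -Identity $env:COMPUTERNAME -Properties dNSHostName |
            Select-Object Name, dNSHostName
    }
}
```

The `Switch` phase refuses to proceed until the new SPN and DNS record are visible, which is the point of the preparation step: Kerberos clients can locate and authenticate to the DC under either name during the changeover.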